FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes various methods for efficiently managing FortiGate remotely without a VPN connection.
Scope
FortiGate.
Solution
Remote access and management of FortiGate without establishing a VPN connection can be achieved through several secure methods. This guide outlines multiple approaches that facilitate efficient remote administration while ensuring network security.
Enable WAN interface access: Configure the FortiGate unit to permit administrative access via their respective WAN interfaces. This approach allows for direct management over the Internet.
Use FortiDDNS with fully qualified domain names (FQDN): Employ Fortinet's Dynamic DNS (FortiDDNS) service to assign FQDNs to each FortiGate. This setup facilitates remote management by resolving dynamic IP addresses to consistent domain names, simplifying access without VPN connections.
Port Forwarding (VIP) on Upstream Router: If the FortiGates are behind an ISP router, configure port forwarding on the router to the FortiGate’s local IP. This will allow access to the FortiGate using the router's public IP and forwarded ports.
Managing FortiGate via FortiGate Cloud: FortiGate Cloud provides a centralized platform for remote management, eliminating the need for direct network access. Register the devices on FortiGate Cloud via Dashboard -> Status -> FortiGate Cloud. Login to FortiGate Cloud will allow to manage the FortiGate devices remotely.
Remote Desktop to an Internal Machine: If there is an accessible PC inside any network, the use of RDP (Remote Desktop) or SSH is another way to access the FortiGates remotely.
